T.E.N. Knowledge Base

ISE® Northeast 2017

On the Radar: Attivo Networks offers deception, vulnerability assessment, and response automation  > Download Whitepaper
Attivo Networks develops technology for threat deception, with products for network and endpoint, as well as threat visibility/vulnerability assessment and incident response. Its deception capability works across a company’s user network, data center, cloud infrastructure, remote office/branch office (ROBO), industrial control systems (ICS), Internet of Things (IoT), and point-of-sales (POS) networks. Decoys can be made to look like a wide variety of targets, including a human-machine interface (HMI) device in operational technology (OT), an IoT node, or a POS terminal.

Cyber Value at Risk: Quantify the Financial Impact of Cyber Risk  > Download Whitepaper
No matter how many resources are at their fingertips, cyber security experts consistently struggle to keep up with the overwhelming amount of threats and vulnerabilities standing in their way. Cyber security is a hectic grind with tens of thousands of security events cropping up across hundreds of different applications each day. Each of these applications usually runs with numerous open vulnerabilities waiting for fixes. And, typically, more than a few users who tap into these applications engage in some sort of risky behavior that needs to be curtailed.

Best Practices for Privileged Identity Management in the Modern Enterprise  > Download Whitepaper
Data breaches continue to be top of mind for organizations large and small. Three key dynamics are making that challenge much harder — the cloud, the growing sophistication of attackers, and dramatic growth in outsourced services. In this paper, we explore the modern enterprise — a hybrid organization with infrastructure spread across on-premises data centers as well as hosted in the cloud and one where IT functions are split between internal and 3rd-party administrators. We look at these and related trends impacting our data security and specifically, best practices on how to manage and govern privileged user access to mitigate these risks.

Software affects virtually every aspect of an individual – finances, safety, government, communication, businesses, and even happiness. Vulnerable software applications are a leading cause of enterprise data breaches, creating headaches for IT organizations, and financial and legal liabilities for businesses. However, most software is never tested for security flaws – because conventional testing approaches are inefficient, inaccurate, and expensive. If your organization is considering implementing or improving application security, ask yourself seven questions.

Solving the Visibility Gap: Securing Your Network with the Cisco Stealthwatch Online Visibility Assessment  > Download Whitepaper
As networks grow larger and more complex, organizations struggle to protect themselves from increasingly sophisticated threat actors. Attacks often go undetected or unreported for months. To detect and mitigate security risks, you need to be able to see what is taking place on your networks.

To help you achieve that goal, we are offering the Cisco Stealthwatch™ Online Visibility Assessment. It is designed to evaluate your internal network visibility and overall security posture.

As networking continues to evolve with trends such as mobility, the Internet of Things, and the cloud, gaining visibility is crucial to protecting your assets from advanced threats. This insight into attackers’ behaviors and location within your environment can help you prevent a security event from becoming a full-blown data breach.

Context-Aware Security from the Core  > Download Whitepaper
Today’s networks are constantly evolving, getting more complex and subject to frequent paradigm shifts. From hyperconnectivity with more than 21 billion connected devices expected by 2020 that are increasing the attack surface, to transformational shifts in deployment models such as hybrid cloud and SDN driving complexity, to business demands for 24x7x365 digital presence—the digital transformation is happening faster than you think. This complexity along with the constantly evolving nature of threats is leading to more breaches, attacks, longer times to resolve incidents, and increased risk to your business. What’s needed are solutions that work together to protect your infrastructure, your users, and your data, provide visibility, and help resolve threats faster. These solutions must reduce your day-to-day operational load, not add to it. Infoblox solutions for security address these challenges with actionable intelligence and context-aware security delivered from the core of your network.

Guide to Security Analytics & UEBA  > Download Whitepaper
In modern cyberwarfare, attack vectors are intentionally stealthy and multifaceted to avoid detection by traditional security tools. Attackers take advantage of hard-coded rules and thresholds, which produce far too many alerts and false positives for human investigation. Interset’s security analytics removes the dependency on rules and thresholds, leveraging unsupervised machine learning which distills billions of real-time events into a prioritized list of high-risk entities. This whitepaper explains how security analytics creates a force-multiplying productivity gain in cybersecurity defense, and provides guidance on critical requirements for business justification, risk coverage, machine learning, accelerated incident response and big data architectures.

Cyber Defense Maturity Scorecard: DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS  > Download Whitepaper
Continual disclosed and reported breaches provide testament to the evolving threat landscape elevating cybersecurity concerns all the way to the board room. Security executives tasked with preventing their organization from being the next victim headlining the news must evaluate the current state of their cybersecurity posture and then execute a sustainable plan to mature that posture.

Evolution of Next Generation Firewall: Choosing your first line of defense  > Download Whitepaper
Next generation firewalls (NGFWs) are a prime example of how cybersecurity controls continue to evolve. Enterprises need a strong first line of defense to protect their constantly changing attack surface. The number of attack vectors available to attackers is growing for several reasons, including a rise in the number of applications being used in the enterprise (and these must be constantly patched) and increased adoption of bring your own device (BYOD). Enterprises need to stop attackers at the perimeter.

A CISO’s Guide to Cloud Security: WHAT TO KNOW AND WHAT TO ASK BEFORE YOU BUY  > Download Whitepaper
It wasn’t so long ago when the idea of moving your organization’s workloads to the cloud was unthinkable. Today you’ll find most organizations have a growing portion of their IT infrastructures in the cloud. In fact, Gartner estimates that by 2020 “cloud-first” and “cloud-only” will be standard corporate policies rather than exceptions, and a study by IDC says that by 2021 more than half of the typical enterprise IT infrastructures will be in the cloud.

Security Investigation Detection and Rapid Response with Splunk Enterprise  > Download Whitepaper
Hunting for an unknown threat or investigating an alert or breach can prove challenging and time-consuming for anyone—whether that’s a dedicated analyst or a person that plays multiple roles. While having visibility across data silos is a great starting point, detecting and addressing threats over the long term requires a more comprehensive approach: the security analytics cycle.

It's Time to Isolate Your Users From the Internet Cesspool With Remote Browsing  > Download Whitepaper
Almost all successful attacks originate from the public internet, and browser-based attacks are the leading source of attacks on users. Information security architects can't stop attacks, but can contain damage by isolating end-user internet browsing sessions from enterprise endpoints and networks.

Chuck Hudson

Charles Hudson
Executive Director, Security Strategy and Architecture
Comcast Corporation
ISE® Northeast People's Choice Award Winner 2014
ISE® Northeast Executive Award Finalist 2014
ISE® North America Executive Award Finalist 2014 - Commercial Category


Ransomware on the Rise  > Summary
Malware has long been the bane of many security professionals. However, a more frightening evolution in this long-time InfoSec foe has become increasingly dangerous and more prevalent in recent years. Ransomware has continued to grow as one of the most prevalent threats to industries of all shapes and sizes. A 2015 report by McAfee found a huge jump of late, from 257,357 new ransomware samples in the first half of 2014, to 380,652 in the second half. By the first half of 2015, that number jumped 5.3 times to over 2 million. In 2016, we saw several increasingly high-profile examples, including, most notably, the case of Hollywood Presbyterian Medical Center, a 434-bed hospital whose network effectively ground to a halt after hackers breached the system in early February. After relying on pen and paper records briefly, Hollywood Presbyterian paid the 40 bitcoin ($17,000) ransom to regain control of its network. As ransomware continues to spread, what can security professionals do to better protect themselves from this most malevolent of malware?

Denise Hucke
Executive Director
JP Morgan Chase & Co.

The Internet of Things is Here and Growing but are You Ready for it?  > Summary
The once nebulous Internet of Things has slowly but surely become a more defined and pressing issue for Information Security professionals as more organizations begin to adopt the IoT into their business structure. Gartner predicts that in the year 2020, 25 billion ‘things’ worldwide will be connected to the internet with a collective economic value of two trillion dollars. While that still leaves current InfoSec professionals some time to adapt to a more pervasive Internet of Things, the question remains: “How ready is your organization for IoT adoption now?” Does your organization have the right skillsets and capabilities in place now to start investing in IoT-related projects? Aside from all the innovative, technical and business skills needed, perhaps the greatest skill needed is the ability to understand what factors are missing in the organization’s capabilities.

Frank Aiello
SVP, Chief Information Security Officer
ISE® Northeast People's Choice Award Winner 2016
ISE® Northeast Executive Award Finalist 2016


Securing What You Share: Improving Your Third-Party Security  > Summary
When organizations start working with third-party vendors, they have to consider a variety of security concerns. These vendors often have access to valuable, sensitive corporate data, yet according to a 2016 study by the Ponemon Institute, more than one third of companies don’t believe these vendors would tell them if they had a data breach. Additionally, about 60% of respondents said they felt vulnerable because they were sharing sensitive data with third parties that might have weak security policies. While including data privacy and security procedures in third-party contracts to ensure vendors have appropriate measures in place to protect company data has become commonplace, it is difficult to evaluate how the vendor is protecting data from unauthorized access, use, and disclosure, and to know whether the vendor has appropriate contractual terms in place with downstream, who may also have access to your data. This disconnect creates a high-risk area for all industries as more and more data loss through third-party vendors results in a breakdown of trust and communication. To help prevent potential damages, organizations need to develop plans for working with third parties that involve data mapping vendors, contract specificity, and regular data audits.

Gehan Debare

Gehan Dabare
Managing Director

IAM in the Modern Security Age  > Summary
Your data is valuable and there’s a good chance that someone is actively working to get it. For today’s hackers, successful infiltration of sensitive systems and information is often achieved by gaining the credentials of privileged users with elevated access rights. Identity access management is a critical part of any enterprise security plan, as it is inextricably linked to the security and productivity of organizations in today’s digitally enabled economy. Even now the role and function of IAM is growing and changing at a rapid pace with elements like cloud computing, access proxy solutions, and risk-based authentication solutions. Now more than ever, well-defined IAM and compliance policies are needed to ensure that your organization’s internal workings and information remain on the inside. With proper implementation of IAM practices and technologies, organizations can significantly reduce risk, modernize their business and help keep their information out of the hands of threat actors.